blob: 14ffc53f67a5d959f9d10e11158c05373c65ac93 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
import {
PublicKeyCredentialCreationOptionsJSON,
AuthenticatorAttestationResponseJSON,
AttestationCredential,
} from '@webauthntine/typescript-types';
import toUint8Array from '../helpers/toUint8Array';
import toBase64String from '../helpers/toBase64String';
import supportsWebauthn from '../helpers/supportsWebauthn';
import toPublicKeyCredentialDescriptor from '../helpers/toPublicKeyCredentialDescriptor';
/**
* Begin authenticator "registration" via WebAuthn attestation
*
* @param creationOptionsJSON Output from @webauthntine/server's generateAttestationOptions(...)
*/
export default async function startAttestation(
creationOptionsJSON: PublicKeyCredentialCreationOptionsJSON,
): Promise<AuthenticatorAttestationResponseJSON> {
if (!supportsWebauthn()) {
throw new Error('WebAuthn is not supported in this browser');
}
// We need to convert some values to Uint8Arrays before passing the credentials to the navigator
const publicKey: PublicKeyCredentialCreationOptions = {
...creationOptionsJSON.publicKey,
challenge: toUint8Array(creationOptionsJSON.publicKey.challenge),
user: {
...creationOptionsJSON.publicKey.user,
id: toUint8Array(creationOptionsJSON.publicKey.user.id),
},
excludeCredentials: creationOptionsJSON.publicKey.excludeCredentials.map(
toPublicKeyCredentialDescriptor,
),
};
// Wait for the user to complete attestation
const credential = await navigator.credentials.create({ publicKey });
if (!credential) {
throw new Error('Attestation was not completed');
}
const { response } = credential as AttestationCredential;
// Convert values to base64 to make it easier to send back to the server
return {
base64AttestationObject: toBase64String(response.attestationObject),
base64ClientDataJSON: toBase64String(response.clientDataJSON),
};
}
|
